
Enable Arkose Labs Challenge for Trial Signups

Alex Buijs requested to merge add-arkose-labs-challenge-for-trial-signups into master

What does this MR do and why?

This MR adds the Arkose Labs Challenge for the Trial Signup flow.

Issue: https://gitlab.com/gitlab-org/modelops/anti-abuse/team-tasks/-/issues/230+

Screenshots or screen recordings

Trial Signup - Arkose disabled: Screen_Recording_2023-03-09_at_16.58.36
Trial Signup - Arkose enabled: Screen_Recording_2023-03-09_at_17.02.58

How to set up and validate locally

  1. Enable Arkose Labs on signup (the Arkose Labs public and private API keys can be found in the 1Password Engineering Vault entry named ArkoseLabs API keys > GITLAB - DEVELOPMENT - REGISTRATION FLOW). Optionally enable Identity Verification.

    Feature.enable(:arkose_labs_signup_challenge)
    Feature.enable(:arkose_labs_trial_signup_challenge)
    Feature.enable(:identity_verification) # optional
    Feature.disable(:soft_email_confirmation) # optional
    ApplicationSetting.current.update(arkose_labs_public_api_key: ***, arkose_labs_private_api_key: ***, arkose_labs_namespace: 'client')
    ApplicationSetting.current.update(email_confirmation_setting: 2) # optional
    ApplicationSetting.current.update(require_admin_approval_after_user_signup: false) # optional
  2. Force Arkose Labs to always require the user to solve the challenge. Update ee/app/assets/javascripts/arkose_labs/components/sign_up_arkose_app.vue, line 63:

    arkoseObject.setConfig({
    + data: { id: 'ML_defence' }, // ADD THIS LINE
      mode: 'inline',
      selector: `.${this.arkoseContainerClass}`,
      onShown: this.onArkoseLabsIframeShown,
      onCompleted: this.passArkoseLabsChallenge,
    });
  3. Enable reCAPTCHA on signup to verify the default behavior

  4. Start GDK with GITLAB_SIMULATE_SAAS=1 to simulate SaaS

  5. Visit http://localhost:3000/-/trial_registrations/new and sign up

MR acceptance checklist

This checklist encourages us to confirm any changes have been analyzed to reduce risks in quality, performance, reliability, security, and maintainability.

Edited by Alex Buijs